Security Basics mailing list archives

Re: {Spam?} Re: AW: SUS Help

From: "T. Shawn Knisely" <shawn () knisely org>
Date: Wed, 17 Sep 2003 15:19:44 -0400

The next time the PC boots up it will see that it should have updated at 3 am 
and will get the updates from the SUS server.

On Wednesday 17 September 2003 10:20 am, Jane Han wrote:

Hi, all

If you set to automatic download and install at 3:00AM
option through group policy, what happen to
workstations that are shut down at 3:00AM?  In my
company, most people shut down their workstations.
How will these workstations get all updated patches
from SUS server?

Thanks,


Jane

-----Original Message-----
From: Tim Warren
[mailto:tim.warren () computerjobs com]
Sent: Friday, September 12, 2003 8:18 AM
To: 'Markus Rossi';
security-basics () securityfocus com
Subject: RE: AW: SUS Help

The Sus App works extremely well, we have been using
it with no I'll effects
for almost a year.  It was really meant for large
workstation installs and
we also use it for our testing servers, but not the
web farm.  SUS has a
patch approval process by which the patch is
downloaded and waits for your
approval.  SUS by no means mitigates your
responsibility to stay on top of
patches and test them, it only helps roll them out.
It also comes with a
multi-tier testing and approval design you can
implement if you so choose.
It's very flexible, has caused no errors and is free
unlike RedHats version,
for which I subscribe because they have to earn
revenue anyway they can and
I don't want them going out of business or being
bought by IBM.  But, don't
use it or any other patching program on a production
server, not that it
won't work, unless you're a gambler.

Tim W

-----Original Message-----
From: Markus Rossi
[mailto:securityfocus () familyrossi com]
Sent: Thursday, September 11, 2003 3:44 PM
To: security-basics () securityfocus com
Subject: Re: AW: SUS Help

Chris,

AFAIK HFNetChk should work with NT4 domains as well
as AD. I've yet to
deploy it but it looks extremely promising. See
www.shavlik.com

Markus

Meidinger Chris wrote:

Hi guys,

i'm dealing with exactly the same problem, and i


can promise you there

is
*no* affordable option to automagically patch NT


boxes without scripting it

yourself. Which is what i will spend the next week


doing.....

Cheers,

Chris

-----Ursprüngliche Nachricht-----
Von: Roger A. Grimes [mailto:rogerg () cox net]
Gesendet: Donnerstag, 11. September 2003 03:40
An: Gooch, Linnie;


security-basics () securityfocus com

Betreff: RE: SUS Help


It doesn't work in NT environments.  SUS must be


installed on a W2K or

Server 2003 server, and the client must run the


Automatic Updates

service (which doesn't run on NT).

There are few options available when patching an NT


environment.  Even

Win98 has more patch mgmt options.

Roger


***********************************************************************

****
*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE (NT/2000), CNE (3/4), A+
*email: rogerg () cox net
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection


for Windows by O'Reilly

*http://www.oreilly.com/catalog/malmobcode/
*Author of Apress's upcoming Honeypots for Windows


**************************************************************************
*

-----Original Message-----
From: Gooch, Linnie [mailto:Linnie () wescom org]
Sent: Tuesday, September 09, 2003 8:28 PM
To: security-basics () securityfocus com
Subject: SUS Help


I've been reading everyone's input on SUS and I'm


trying to evaluate it

at my company. I want to know if anyone has


deployed it with an NT4

environment? We aren't moving to AD for another 3


months, but with the

blaster worm and other such vulnerabilities, I want


to get it up and

running right away.

Here is what I'm looking for.

I'm reading the documentation for SUS, and it talks


about setting the

registry on client machines, which is no problem,


but the documentation

is so unclear about what exactly I need to add to


the registry. I was

wondering if anyone knew exactly what registry keys


needed to be added

or changed so I could test it right away.

Thanks guys. This list rocks!


Linnie Gooch, MCSE
Manager of Systems and Technology
Wescom Credit Union
(888) 493 7266 x 8801


**********************************************************************

This email and any files transmitted with it are


confidential and

intended solely for the use of the individual or


entity to whom they

are addressed. If you have received this email in


error, please delete

it immediately and advise the sender. WESCOM CREDIT


UNION (626)

535-1000


**********************************************************************



-----------------------------------------------------------------------

----
Captus Networks
Are you prepared for the next Sobig & Blaster?
- Instantly Stop DoS/DDoS Attacks, Worms & Port


Scans

- Precisely Define and Implement Network Security
- Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment


Toolkit

http://www.captusnetworks.com/ads/42.htm


--------------------------------------------------------------------------
- -



-----------------------------------------------------------------------

----
Captus Networks
Are you prepared for the next Sobig & Blaster?
- Instantly Stop DoS/DDoS Attacks, Worms & Port


Scans

- Precisely Define and Implement Network Security
- Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment


Toolkit

http://www.captusnetworks.com/ads/42.htm


--------------------------------------------------------------------------
- -


-----------------------------------------------------------------------

----
Captus Networks
Are you prepared for the next Sobig & Blaster?
- Instantly Stop DoS/DDoS Attacks, Worms & Port


Scans

- Precisely Define and Implement Network Security
- Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment


Toolkit

http://www.captusnetworks.com/ads/42.htm


--------------------------------------------------------------------------
- -


=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
---------------------------------------------------------------------------
-


-- 
T. Shawn Knisely

---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

AW: SUS Help Meidinger Chris (Sep 11)
- Re: AW: SUS Help Markus Rossi (Sep 11)
  - RE: AW: SUS Help Spencer D'oro (Sep 12)
- Re: AW: SUS Help lennons (Sep 11)
- Re: AW: SUS Help Markus Rossi (Sep 11)
- Re: AW: SUS Help Tim Syratt (Sep 11)
- <Possible follow-ups>
- RE: AW: SUS Help Tim Warren (Sep 12)
- RE: AW: SUS Help Steven A. Fletcher (Sep 16)
- Re: AW: SUS Help Jane Han (Sep 17)
  - Re: AW: SUS Help Carlton Foster (Sep 17)
  - Re: {Spam?} Re: AW: SUS Help T. Shawn Knisely (Sep 17)
- RE: AW: SUS Help Jane Han (Sep 24)